Security in 2015: The Internet Becomes the Corporate Network Perimeter

Friday, December 05, 2014

Paul Lipman

C58e402c41b06ade1da4ce5bab5e19aa

The cloud has been widely hailed as the most disruptive force in modern business. Indeed, the world is in the midst of fundamentally profound transformations, enabled by the cloud, in the ways in which we access and interact with data and applications. Unfortunately, the security industry has not kept pace with these transformational trends, necessitating an equally profound change in the way we secure modern businesses against cyber-attack.

As recently as two to three years ago, the Chief Information Security Officer (CISO) was focused on defending the network against attack, and attempted to achieve this through an investment in a wide array of disparate on-premise technologies. This was all very well when users, corporate applications and data were behind the corporate firewall. However, those days are long gone.

Today, CISO's are concerned about users connecting from their personal mobile devices, accessing corporate data stored in public cloud applications, over public networks. The CISO controls pretty much nothing in this scenario - not the endpoint device, nor the network, nor the application and likely not the data itself. The potential attack surface has expanded from being the corporate network perimeter, which in itself was challenging enough to protect, to encompassing a completely unbounded environment of personal devices, public network infrastructure and cloud applications and service providers. Billions of dollars that were originally invested in perimeter security now offer little to no value in this scenario.

The entire concept of the corporate perimeter is changing. We used to think of the perimeter as simply being the actual physical or logical perimeter of the corporate network. A few years ago it became more common to think of the endpoint device as part of this perimeter. Today, smart CISO's recognize that the internet itself is truly the perimeter of their network. So the internet is where we must look for the solution to this rapidly evolving security problem.

Businesses today are looking for a comprehensive layer of protection through the cloud itself - enabling users to be protected wherever, and however, they are connecting to web services and applications. This is a profound shift for three key reasons:

  • First, a cloud security layer eliminates the need for large enterprises to backhaul traffic, which is not only an expensive proposition, but creates a poor end user experience that is hard to enforce.
  • Second, delivering security at the cloud layer enables the consistent enforcement of security policies based on the context of the user's endpoint device, the network or location from which they are connecting, and the ultimate application with which they are interacting. This approach hands control of corporate data and applications back to the CISO - a critical step in ensuring a strong security posture.
  • Third, delivering security through the cloud provides an unparalleled position of visibility from which to identify and block threats in real time.

Traditional on-premise security solutions have limited visibility beyond their own environment. However, there are now cloud-based services available that can identify anomalies and attacks in real-time, correlating events across tens of thousands of customers and millions of end users to rapidly detect new threats as they propagate, and respond to shut them down before they can exact any damage.

There is a useful analogy here from the days of the cold war. One approach to preventing nuclear attack is to have a battery of missiles stationed at your borders, scanning the skies for incoming ICBMs and then attempting to shoot them down at the very last minute. A superior approach, which was at the heart of President Ronald Reagan's "Star Wars" initiative, would be to station a network of satellites in space, continually watching the globe, armed with the capability to destroy the enemy's attacks within seconds of launch. The former approach was re-active, with a low probability of success. The latter approach, based on a technology vision that was ultimately ahead of its time, was the ultimate in defensive posture.

When it comes to cyber-attacks, at iSheriff we believe that the technology is available today to deliver on a comparable vision: a cloud-based network of threat sensors that correlates events around the globe in real-time, with the ability to block attacks as they occur, keeping corporate assets and data secure. Ultimately the security industry will move from a stovepiped, product-based focus towards an integrated, cloud-based services approach that will enable enterprises to better manage risk and attain robust security postures.

11779
Cloud Security General HIPAA PCI DSS General Infosec Island Firewalls IDS/IDP Network Access Control Network->General SCADA Budgets Enterprise Security Policy Security Awareness Security Training Breaches CVE DB Vulns US-CERT Privacy Vulnerabilities Webappsec->General General PDAs/Smart Phones
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.